eDirectory has a number of restrictions that prevent password modification. The user can have insufficient rights for the following reasons:
The user is not a supervisor of the entry.
The flag that allows user to change the password is false.
The password unique flag is true and the password supplied matches a previous password.
A minimum length for the password has been set and the password is too short.
The user did not supply the old password value with the new value in the same operation.
Passwords in eDirectory are stored as RSA public and private key pairs. The Novell LDAP server uses the userPassword attribute to generate these key pairs for an LDAP client.
eDirectory 8.17 or higher is required for users to change their own passwords.
eDirectory 7.xx is required for an administrator to change LDAP user passwords.
If the user has sufficient rights, the process is similar to modifying any attribute of an entry. See AddPassword.java in the Sample Code for a complete example.
IMPORTANT:The delete/add must be in the same modification set.